{"title":"静态分析软件的源代码,基于Fortify静态代码分析器的解决方案","authors":"N. V. Goryuk, I. M. Lavrovsky","doi":"10.31673/2409-7292.2021.020910","DOIUrl":null,"url":null,"abstract":"The article analyzes the problem of identifying source code vulnerabilities in the context of software development. An analysis of existing technologies for detecting vulnerabilities in the source code. Methods and means of protection of detection of source code vulnerabilities on the basis of the Fortify Static Code Analyzer solution are investigated. The purpose, main functions and architecture of the Fortify Static Code Analyzer solution are defined. Based on the research conducted in the work, a variant of the process of static analysis of the security of the source code in the context of the software life cycle was developed. Recommendations for the use of static source security analysis technology have been developed.","PeriodicalId":107068,"journal":{"name":"Modern information security","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Static analysis of software source code based on the Fortify Static Code Analyzer solution\",\"authors\":\"N. V. Goryuk, I. M. Lavrovsky\",\"doi\":\"10.31673/2409-7292.2021.020910\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The article analyzes the problem of identifying source code vulnerabilities in the context of software development. An analysis of existing technologies for detecting vulnerabilities in the source code. Methods and means of protection of detection of source code vulnerabilities on the basis of the Fortify Static Code Analyzer solution are investigated. The purpose, main functions and architecture of the Fortify Static Code Analyzer solution are defined. Based on the research conducted in the work, a variant of the process of static analysis of the security of the source code in the context of the software life cycle was developed. Recommendations for the use of static source security analysis technology have been developed.\",\"PeriodicalId\":107068,\"journal\":{\"name\":\"Modern information security\",\"volume\":\"24 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Modern information security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.31673/2409-7292.2021.020910\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Modern information security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.31673/2409-7292.2021.020910","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Static analysis of software source code based on the Fortify Static Code Analyzer solution
The article analyzes the problem of identifying source code vulnerabilities in the context of software development. An analysis of existing technologies for detecting vulnerabilities in the source code. Methods and means of protection of detection of source code vulnerabilities on the basis of the Fortify Static Code Analyzer solution are investigated. The purpose, main functions and architecture of the Fortify Static Code Analyzer solution are defined. Based on the research conducted in the work, a variant of the process of static analysis of the security of the source code in the context of the software life cycle was developed. Recommendations for the use of static source security analysis technology have been developed.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
